package com.bw.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.ObjectPostProcessor;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;


@Configuration
public class Config extends WebSecurityConfigurerAdapter {


    @Autowired
    FialAuthrizationHandler fialAuthrizationHandler;


    @Autowired
    SuccessAuthrizationHandler handler;





    @Bean
    public PasswordEncoder passwordEncoder(){
        return  new BCryptPasswordEncoder();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.formLogin().loginPage("/login.html").loginProcessingUrl("/test/login").failureHandler(fialAuthrizationHandler).successHandler(handler).
                and().authorizeRequests().withObjectPostProcessor(new ObjectPostProcessor<FilterSecurityInterceptor>() {

            @Override
            public <O extends FilterSecurityInterceptor> O postProcess(O o) {
//                o.setAccessDecisionManager();
//                o.setSecurityMetadataSource();
                return o;
            }
        }).antMatchers("/login.html","/test/login").
           permitAll()
           .anyRequest().authenticated().and().csrf().disable();
    }
}
